1f81d98c52
Complete port of all 163 API endpoints from Lucee/CFML to PHP 8.3. Shared helpers in api/helpers.php (DB, auth, request/response, security). PDO prepared statements throughout. Same JSON response shapes as CFML.
56 lines
1.3 KiB
PHP
56 lines
1.3 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../helpers.php';
|
|
runAuth();
|
|
|
|
require_once __DIR__ . '/_grantUtils.php';
|
|
|
|
global $userId;
|
|
|
|
$data = readJsonBody();
|
|
$grantID = (int) ($data['GrantID'] ?? 0);
|
|
|
|
if ($grantID <= 0) {
|
|
apiAbort(['OK' => false, 'ERROR' => 'missing_grantid', 'MESSAGE' => 'GrantID is required.']);
|
|
}
|
|
|
|
if ($userId <= 0) {
|
|
apiAbort(['OK' => false, 'ERROR' => 'not_authenticated']);
|
|
}
|
|
|
|
$qGrant = queryOne(
|
|
"SELECT g.*, b.UserID AS GuestOwnerUserID
|
|
FROM ServicePointGrants g
|
|
JOIN Businesses b ON b.ID = g.GuestBusinessID
|
|
WHERE g.ID = ?
|
|
LIMIT 1",
|
|
[$grantID]
|
|
);
|
|
|
|
if (!$qGrant) {
|
|
apiAbort(['OK' => false, 'ERROR' => 'not_found', 'MESSAGE' => 'Grant not found.']);
|
|
}
|
|
|
|
if ((int) $qGrant['GuestOwnerUserID'] !== $userId) {
|
|
apiAbort(['OK' => false, 'ERROR' => 'not_guest_owner', 'MESSAGE' => 'Only the guest business owner can decline this invite.']);
|
|
}
|
|
|
|
if ((int) $qGrant['StatusID'] !== 0) {
|
|
apiAbort(['OK' => false, 'ERROR' => 'bad_state', 'MESSAGE' => 'Only pending grants can be declined.']);
|
|
}
|
|
|
|
queryTimed("UPDATE ServicePointGrants SET StatusID = 2 WHERE ID = ?", [$grantID]);
|
|
|
|
recordGrantHistory(
|
|
$grantID,
|
|
'declined',
|
|
$userId,
|
|
(int) $qGrant['GuestBusinessID'],
|
|
['StatusID' => 0],
|
|
['StatusID' => 2]
|
|
);
|
|
|
|
jsonResponse([
|
|
'OK' => true,
|
|
'GrantID' => $grantID,
|
|
'MESSAGE' => 'Grant declined.',
|
|
]);
|